73440 matches found
Astra Linux - уязвимость в binutils
A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.31. An invalid memory access exists in bfdzalloc in opncls.c. Attackers could exploit this vulnerability to cause a denial of service application crash through a crafted ELF fil...
Astra Linux - уязвимость в hdf5
A SIGFPE signal was raised in the function H5Dchunksetinforeal of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempt to parse a crafted HDF file, due to incorrect protection against division by zero. This issue is distinct from CVE-2018-11207...
Astra Linux - уязвимость в hdf5
A SIGFPE signal is raised in the function H5Dcreatechunkfilemaphyper of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempt to parse a crafted HDF file. This occurs due to incorrect protection against division by zero. This could allow a remote denial-of-service attack...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: PCI/bwctrl: Fixed NULL pointer dereferencing when bus numbers are exhausted. When the BIOS fails to assign bus numbers to PCI bridges, the kernel attempts to correct this during PCI device enumeration. If there are no availabl...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: NFC: port100: fixed a use-after-free in port100sendcomplete. Syzbot reported a UAF in port100sendcomplete. The root cause is the missing calls to usbkillurb in the error handling path of the -probe function. port100sendcomplet...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerabilities have been resolved: cifs: Return the correct error code from smb2getenckey Avoid a warning if the error is passed back up: 440700.376476 CIFS VFS: \otters.example.com cryptmessage: Could not get encryption key 440700.386947 ------------ Cut here...
Astra Linux – Vulnerability in Mariadb 10.3
In MariaDB before 10.9.2, the compresswrite function in extra/mariabackup/dscompress.cc does not release the datamutex upon a stream write failure, which allows local users to trigger a deadlock...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ublk: Fixed NULL pointer dereferencing in ublkctrlsetsize. The ublkctrlsetsize function dereferes ub-ubdisk unconditionally through setcapacityandnotify, without checking whether ub-ubdisk is NULL. ub-ubdisk becomes NULL befor...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net: phy: Fixed a null-ptr-deref issue when the probe function failed. I received a report of a null-ptr-deref issue during the fault injection test. Bug: NULL pointer dereferencing in the kernel. Address: 0000000000000058 Oops:...
Astra Linux - уязвимость в speex
A vulnerability involving division by zero in the static int readsamples function of Speex v1.2 allows attackers to cause a Denial-of-Service attack through a specially crafted WAV file...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k: The affinity hint was cleared before calling ath11kpcicfreeirq in the error path. If a shared IRQ is used by the driver due to platform limitations, then the IRQ affinity hint is set correctly after the allocation o...
Astra Linux - уязвимость в xorg-server
A flaw was discovered in xorg-server. Changing the actions of XKB buttons, such as moving between the touchpad and the mouse, can lead to out-of-bounds memory reads and writes. This may allow for local privilege escalation or potential remote code execution, especially in cases where X11 forwardi...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double-free on error. The error handling path in itsvpeirqdomainalloc causes a double-free when itsvpeinit fails after successfully allocating at least one interrupt. This occurs because...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bnge: Return after auxiliarydeviceuninit in the error path. When auxiliarydeviceadd fails, the error handling code calls auxiliarydeviceuninit, but it does not return. auxiliarydeviceuninit drops the last reference to the device...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: nfc: st21nfca: fixed memory leaks in EVTTRANSACTION handling Error paths do not free the previously allocated memory. Add devmkfree to those failure paths...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: spi: spi-qpic-snand: Unregisters the ECC engine upon probe error and device removal. The on-host hardware ECC engine remains registered both when the spiregistercontroller function returns an error, and also upon device removal...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Binder: Fixed a UAF in bindersnetlinkreport. Oneway transactions sent to frozen targets via bindersproctransaction return an BRTRANSACTIONPENDINGFROZEN error, but they are still treated as successful since the target is expected ...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: cxl: Fixed a memory leak in the error handling path. The bitmapzalloc function must be balanced with a corresponding bitmapfree function in the error handling path of afuallocateirqs...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drbd: fixed a null pointer dereferencing issue during local read operations In drbdrequestendio, READCOMPLETEDWITHERROR is passed to reqmod with a NULL peerdevice: reqmodreq, what, NULL, &m; The READCOMPLETEDWITHERROR handler...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Drivers: hv: vmbus – Fixed a memory leak in vmbusaddchannelkobj. kobjectinitandadd takes a reference even when it fails. According to the documentation for kobjectinitandadd: If this function returns an error, kobjectput must ...